@{
    ViewData["Title"] = "API文档 - 身份验证接口";
}

<div class="container mt-4">
    <h1>身份验证接口文档</h1>
    <p class="lead">本文档描述了用于对接WorkFlowCore自定义身份认证扩展的接口。</p>

    <div class="card mb-4">
        <div class="card-header">
            <h2>验证Token接口</h2>
        </div>
        <div class="card-body">
            <h3>接口说明</h3>
            <p>该接口用于验证JWT Token，并返回用户信息。</p>

            <h3>请求方式</h3>
            <p>支持GET和POST两种请求方式。</p>

            <h3>接口地址</h3>
            <pre><code>GET /Account/VerifyToken</code></pre>
            <pre><code>POST /Account/VerifyToken</code></pre>

            <h3>请求参数</h3>
            <table class="table table-bordered">
                <thead>
                    <tr>
                        <th>参数名</th>
                        <th>位置</th>
                        <th>类型</th>
                        <th>必填</th>
                        <th>说明</th>
                    </tr>
                </thead>
                <tbody>
                    <tr>
                        <td>authorization</td>
                        <td>headers/query/form</td>
                        <td>string</td>
                        <td>是</td>
                        <td>JWT Token，可以带Bearer前缀</td>
                    </tr>
                    <tr>
                        <td>appid</td>
                        <td>headers/query/form</td>
                        <td>string</td>
                        <td>否</td>
                        <td>应用ID</td>
                    </tr>
                </tbody>
            </table>

            <h3>响应参数</h3>
            <table class="table table-bordered">
                <thead>
                    <tr>
                        <th>参数名</th>
                        <th>类型</th>
                        <th>说明</th>
                    </tr>
                </thead>
                <tbody>
                    <tr>
                        <td>isValid</td>
                        <td>boolean</td>
                        <td>是否验证通过</td>
                    </tr>
                    <tr>
                        <td>user</td>
                        <td>object</td>
                        <td>用户信息</td>
                    </tr>
                    <tr>
                        <td>user.id</td>
                        <td>string</td>
                        <td>用户ID</td>
                    </tr>
                    <tr>
                        <td>user.name</td>
                        <td>string</td>
                        <td>用户名称</td>
                    </tr>
                    <tr>
                        <td>user.isManager</td>
                        <td>boolean</td>
                        <td>是否是管理员</td>
                    </tr>
                    <tr>
                        <td>user.appId</td>
                        <td>string</td>
                        <td>应用ID</td>
                    </tr>
                    <tr>
                        <td>claims</td>
                        <td>array</td>
                        <td>额外的身份信息</td>
                    </tr>
                    <tr>
                        <td>claims[].type</td>
                        <td>string</td>
                        <td>声明类型</td>
                    </tr>
                    <tr>
                        <td>claims[].value</td>
                        <td>string</td>
                        <td>声明值</td>
                    </tr>
                </tbody>
            </table>

            <h3>响应示例</h3>
            <pre><code>
{
    "isValid": true,
    "user": {
        "id": "10001",
        "name": "张三",
        "isManager": false,
        "appId": "demo"
    },
    "claims": [
        {
            "type": "email",
            "value": "zhangsan@example.com"
        }
    ]
}
            </code></pre>

            <h3>配置说明</h3>
            <p>在WorkFlowCore端，需要将<code>DefaultCustomizationVerifyExtension</code>的url参数配置为Web项目的验证接口地址，例如：</p>
            <pre><code>url=https://your-web-app-domain/Account/VerifyToken</code></pre>
        </div>
    </div>

    <div class="card mb-4">
        <div class="card-header">
            <h2>配置示例</h2>
        </div>
        <div class="card-body">
            <h3>DefaultCustomizationVerifyExtension配置参数</h3>
            <table class="table table-bordered">
                <thead>
                    <tr>
                        <th>参数名</th>
                        <th>默认值</th>
                        <th>说明</th>
                    </tr>
                </thead>
                <tbody>
                    <tr>
                        <td>token-from</td>
                        <td>headers</td>
                        <td>token解析来源，可选值：headers、query</td>
                    </tr>
                    <tr>
                        <td>token-key</td>
                        <td>ThirdpartAuthorization</td>
                        <td>token名</td>
                    </tr>
                    <tr>
                        <td>token-to</td>
                        <td>headers</td>
                        <td>token解析来源，可选值：headers、query</td>
                    </tr>
                    <tr>
                        <td>to-token-key</td>
                        <td>authorization</td>
                        <td>token名</td>
                    </tr>
                    <tr>
                        <td>method</td>
                        <td>get</td>
                        <td>请求方式，可选值：post、get</td>
                    </tr>
                    <tr>
                        <td>token-format</td>
                        <td>Bearer {token}</td>
                        <td>token格式</td>
                    </tr>
                    <tr>
                        <td>url</td>
                        <td>无</td>
                        <td>认证地址</td>
                    </tr>
                </tbody>
            </table>

            <h3>key=value 格式示例</h3>
            <pre><code>
token-from=headers
token-key=ThirdpartAuthorization
token-to=headers
to-token-key=authorization
method=post
token-format=Bearer {token}
url=https://your-web-app-domain/Account/VerifyToken
</code></pre>
        </div>
    </div>

    <div class="card mb-4">
        <div class="card-header">
            <h2>模拟调用</h2>
        </div>
        <div class="card-body">
            <form id="simulateForm" class="mb-3">
                <div class="mb-2">
                    <label for="tokenInput" class="form-label">Token (authorization)</label>
                    <input type="text" class="form-control" id="tokenInput" name="authorization" placeholder="自动获取JwtToken" />
                </div>
                <div class="mb-2">
                    <label for="appidInput" class="form-label">AppId (可选)</label>
                    <input type="text" class="form-control" id="appidInput" name="appid" placeholder="应用ID" />
                </div>
                <button type="button" class="btn btn-primary" id="simulateBtn">模拟调用</button>
            </form>
            <div>
                <label class="form-label">接口响应：</label>
                <pre id="simulateResult" style="background:#f8f9fa;padding:10px;"></pre>
            </div>
        </div>
    </div>

    <script>
        // 获取cookie
        function getCookie(name) {
            const value = `; ${document.cookie}`;
            const parts = value.split(`; ${name}=`);
            if (parts.length === 2) {
                const cookieValue = parts.pop().split(';').shift();
                return cookieValue;
            }
            return null;
        }
        // 页面加载时自动填充token
        document.addEventListener('DOMContentLoaded', function () {
            var tokenInput = document.getElementById('tokenInput');
            if (!tokenInput) {
                console.error('Element with ID "tokenInput" not found.');
                return;
            }
            var token = getCookie('JwtToken'); // 从 JwtToken 获取
            if (token) {
                tokenInput.value = 'Bearer ' + token;
            }
        });
        // 模拟调用按钮事件
        document.getElementById('simulateBtn').addEventListener('click', function () {
            var token = document.getElementById('tokenInput').value;
            var appid = document.getElementById('appidInput').value;
            var params = new URLSearchParams();
            if (token) params.append('authorization', token);
            if (appid) params.append('appid', appid);
            fetch('/Account/VerifyToken?' + params.toString(), {
                method: 'GET',
                headers: {
                    'Accept': 'application/json'
                }
            })
            .then(res => res.json())
            .then(data => {
                document.getElementById('simulateResult').textContent = JSON.stringify(data, null, 2);
            })
            .catch(err => {
                document.getElementById('simulateResult').textContent = '请求失败：' + err;
            });
        });
    </script>
</div>
